What a Hacker Sees: Top 20 CIS Critical Security Controls

In this document, you’ll learn about the top 20 Center for Internet Security (CIS) Critical Security Controls (CSC)—the key controls that companies can implement to mitigate threats they are facing. Item by item, we’ll cover each control, showing attack examples and explaining how each control could have prevented the attack from being successful. Optiv’s penetration testers see these controls daily—not from a policy standpoint—but rather from vulnerability identification and exploitation. Here, they focus on what you need to know, what the risk is, and how to apply it.